package com.zhangzc.sc.scgateway.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;

@Configuration
public class ScCorsConfiguration {

    @Bean
    public CorsWebFilter corsWebFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();

        // 明确指定允许的源（代替通配符 *）
        config.addAllowedOriginPattern("*"); // 允许本地所有端口
        //允许所有的请求头
        config.addAllowedHeader("*");
        //允许所有的请求方法
        config.addAllowedMethod("*");

        config.setAllowCredentials(true); // 允许凭证

        source.registerCorsConfiguration("/**", config);
        return new CorsWebFilter(source);
    }
}